digininja

Locking this before it gets out of hand.

In which case, ask the owner. If you can't then you probably shouldn't be doing this type of thing against it.

Don't know how old you are, but please grow up and be civil on the forums.

Is it your AP?

ARP packets don't pass through routers so if you do a broadcast then it will be seen by all devices on the same subnet. If you target a single device then, if it is on the same subnet, it will get the packet. I think, if I read your question right, that if the AP is acting as a NAT device then the ARP packets you send won't hit the LAN but if it is just a bridge then they will.

Elliot used nano, he wasn't l33t!

I'd ignore it, go play with your kids, watch a movie or go to the pub. Never try to hack back, it isn't worth it and, no disrespect, but if you are asking on a forum about how to do it, then you probably don't have the skills to do it well enough to get anywhere (I wouldn't trust my OPSEC enough to do it). If you really wanted to do it, you'd be looking to get a shell on the box (unlikely from a single UDP port), dig out enough information to find out who owned it and then get revenge in some way. You also have to consider that there is a good chance they are using a box they hacked and took over from someone else so all your effort could be directed against someone innocent. To do it you would need perfect OPSEC otherwise you get into a spiral of them coming back after you and they have shown that they are happy doing illegal things so are likely to do worse things to you than you would to them.

Get 2FA on all your accounts, set good passwords and make sure you pay attention to any alerts of people trying to log into your account. I'd say it is very unlikely you'll be able to do anything to stop them, just keep things locked down and hope they go away.

Assuming ravang is revenge then no, definitely not helping, that is not the way to go about things. Regardless of the circumstances, what you are asking is illegal and we don't condone that on these forums.

and neither do you by the sound of it. Sounds way to dodgy to me.

Getting rushed help from a forum isn't the way to learn something like this. If it is a challenge then talk to the people who are doing well and have them explain things to you or ask the organisers what they have put in place to help you learn from what you are doing.

Sounds like something illegal to me

Best asking on their mailing list. I've had a few interactions with it and they've always been helpful.

I would expect small files with just hashes in so the second example makes sense. Have you tried other files? Try something a few meg in size and see what that creates. It could be a bug with the convertor, they may not have anticipated files so large as input so you may be overflowing something.

Glad it's working

I just built bleeding-jumbo from github and I've got rar2john, it is a symlink to john: src $ ls ../run/*rar* -al lrwxrwxrwx 1 robin robin 4 Feb 8 12:11 ../run/rar2john -> john src $ ../run/rar2john Usage: ../run/rar2john <rar file(s)> If you want to diff our configures, here is mine https://pastebin.com/mV6tfCsy If not, try the current source from github and see if that works.

Doesn't seem anything obvious in the configuration, I'll see if it builds on my box tonight.

I'd check the results of the configure script, it probably tells you something is missing, I'd guess a rar library.

Assume you've googled Android port fowarding and gone all through the results.

I'd agree with getting it in writing to say what you are allowed to do and what is out of scope. I'd also make sure you stress that whatever you do, you are identifying issues, not proving issues don't exist. Another way to put it, if you find 2 issues from your testing you should write: I found two issues on our network, there might be more. Not: We have two issues on our network. It is a subtle difference but with the second, if they fix those two issues they will go away thinking they are done and secure, with the first, you are covering yourself from anything you missed. I'd also be careful with your terminology, a vulnerability assessment looks for issues, a penetration test then exploits them to see where you can get. Without skills, you are probably going to be able to identify vulnerabilities but unlikely to be able to properly exploit things without the potential for things going wrong (i.e. running Metasploit exploits against the domain controller is bad). Drop the word hacking completely. If you have any systems hosted on cloud platforms, make sure you have full permission of the hosting company, some care, some don't, some see it as you are paying so you control it, some will come after you. If you are going to scan your exterior across the internet then be careful where you scan from, some ISPs don't like to see scanning traffic leaving their networks. Again, talk to them and get something in writing.

Can't help with this but, unless you've got a specific reason for using rainbow tables, most people have moved away from them to just normal testing using something like JtR or Hashcat.

I doubt it, if people can pirate Microsoft by bypassing their licence technology then anything else is going to be breakable. Plus, if you use anything off the shelf and someone creates a generic bypass for it then you are screwed but if you create your own, you probably aren't going to do a better job so screwed that way as well. It comes down to how much you are prepared to spend on technology and time compared to how much you are losing. Would the pirates have bought the software if they couldn't get it for free? If not you've not actually lost anything. I'd build into your business model that piracy will happen and write it off. Look to recoup the costs through support or online only features which can't be shared or pirated.

Think you are talking about HSTS preloading https://scotthelme.co.uk/hsts-preloading/

It would all depend on what tool you are using to do the MITM.

Either without quotes, or in double quotes, strings starting with dollar signs are treated as variables, in single quotes they are treated as literals as you can see in this screenshot. What is your exact problem, from your last post it doesn't sound like it is the variables that are causing you the issues.